CVE-2006-3731 — Firefox vulnerability

4 documents4 sources

Severity

2.6LOWNVD

EPSS

0.7%

top 28.99%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Debian Firefox Mozilla Firefox

Timeline

PublishedJul 21

Latest updateMay 1

Description

Mozilla Firefox 1.5.0.4 and earlier allows remote user-assisted attackers to cause a denial of service (crash) via a form with a multipart/form-data encoding and a user-uploaded file. NOTE: a third party has claimed that this issue might be related to the LiveHTTPHeaders extension.

CVSS vector

AV:N/AC:H/C:N/I:N/A:PExploitability: 4.9 | Impact: 2.9

Affected Packages2 packages

▶NVDmozilla/firefox5 versions+4

▶debiandebian/firefox< firefox 1.5.dfsg+1.5.0.6-1 (sid)

🔴Vulnerability Details

GHSA

GHSA-jgg8-m8r9-68gq: Mozilla Firefox 1↗2022-05-01

▶

📋Vendor Advisories

Debian

CVE-2006-3731: firefox - Mozilla Firefox 1.5.0.4 and earlier allows remote user-assisted attackers to cau...↗2006

▶

Red Hat

CVE-2006-3731: Mozilla Firefox 1↗

▶